<HTML><HEAD></SCRIPT></HEAD><BODY>
<?php

// Submission script for new dealers

// This form was largely outmoded by changes in 2011,
// and as of 2012 it is outdated and would need
// substantial updates to work properly.  It will not
// get those updates, either, as the automatic
// import system largely makes it obsolete.  In short,
// I have no reason to believe this file works
// right now and I shall not invest the time to
// repair it unless an urgent need arises.  If you
// must manually introduce a dealer, I suggest a
// manual SQL query.

require('globals.php');
require('logger.php');

$query_array = array();
$values = array();			// $values holds all the values from the form
$passer = array();

function LockAndLoad($index, $dealers_table) {

	// converts the table assignment from the entry on the pulldown list to something the
	// database can mangage

	global $query_array;

	switch($index) {
		case(1):
			$query_array[0] = $dealers_table . "A";
			$query_array[1] = $dealers_table . "B";
			break;
		case(2):
			$query_array[0] = substr($dealers_table,0,3) . "A";
			$query_array[1] = substr($dealers_table,0,3) . "B";
			$query_array[2] = substr($dealers_table,4,3) . "A";
			$query_array[3] = substr($dealers_table,4,3) . "B";
			break;
		case(3):
			$query_array[0] = substr($dealers_table,0,3) . "A";
			$query_array[1] = substr($dealers_table,0,3) . "B";
			$query_array[2] = substr($dealers_table,4,3) . "A";
			$query_array[3] = substr($dealers_table,4,3) . "B";
			$query_array[4] = substr($dealers_table,8,3) . "A";
			$query_array[5] = substr($dealers_table,8,3) . "B";
			break;
		default:
			$query_array[0] = $dealers_table;
		}
}

?><script type="text/javascript">

var error_block = "Some data is missing:\n"

<?php

if (!$_POST['dealership_name']) {
	?>error_block += "A dealership name is required.\n"
	<?php $data_missing = 1;
}

if (!$_POST['dealer_first_name'] || !$_POST['dealer_last_name']) {
	?>error_block += "A full dealer's name is required. \(If the dealer did not provide a full name, enter the first or last in both fields.\)\n"
	<?php $data_missing = 1;
}

if (!$_POST['dealer_email']) {
	?>error_block += "An email address is required.\n"
	<?php $data_missing = 1;
}

if (!$_POST['dealer_badgename']) {
	?>error_block += "An badge name is required.\n"
	<?php $data_missing = 1;
}

if ($data_missing) {
	?>window.alert(error_block)
	history.back()
	</SCRIPT><?php
}

else
{
?></SCRIPT><?php
// $dealer_add_query is the prefix for the dealer insert query
$dealer_add_query .= "INSERT INTO " . $dealers_table . " VALUES ('";
$id_retrieve_query = "SELECT dealer_id from " . $dealers_table . " WHERE dealership_name = '"
					. addslashes($_POST['dealership_name']) . "' AND dealer_asst = 0;";

if (!($link = mysql_connect($host, $user, $password)))
	die('Could not connect: ' . mysql_error());

if (!(mysql_select_db($database)))
	die('Could not select db ' . $database . ': ' . mysql_error());

foreach ($fieldnames_clean as $fieldnames_sub) {
	$key = $fieldnames_sub[0];
	$value = mysql_real_escape_string($_POST[$key], $link);
		if ($key != "assignment") {							// assignment is handled specifically by LockAndLoad()
			if ($value == '' && ($key == 'dealer_id' ||		// empty fields and booleans are manually set to `0`
								 $key == 'table_pref' ||	// since the HTML returns null strings of uselessness
								 $key == 'wall' ||
								 $key == 'table_adjacent_to' ||
								 $key == 'table_away_from' ||
								 $key == 'table_no_request' ||
								 $key == 'cancelled' ||
								 $key == 'power' ||
								 $key == 'tax_id' ||
								 $key == 'has_been_billed' ||
								 $key == 'has_been_registered' ||
								 $key == 'is_notified' ||
								 $key == 'trouble')) {
				$values[$kicker++] = "0";

			}
			else {
				$values[$kicker++] = $value;
			}
		}
		elseif ($key == 'assignment') {
			//NOOP, yes I know it`s clunky, but there was a reason for this.  Don`t remember what, tho. T.T
	}
}

// builds the insert string
$dealer_add_query = $dealer_add_query . implode("','", $values) . "')";

echo $dealer_add_query . "<BR>";

if (!(mysql_query($dealer_add_query, $link)))
	die('Could not execute query "' . $dealer_add_query . '": ' . mysql_error());

$id = mysql_real_escape_string((mysql_result(mysql_query($id_retrieve_query, $link),0)),$link);

if (!$id)
	die('No accurate result set returned for dealer_id!' . mysql_error());

LockAndLoad($_POST[table_size_act], $_POST[assignment], $query_array);

// build the table assignment string
for ($i=0;$i <= (sizeof($query_array)-1); $i++) {
	if (substr($query_array[$i],-1)) {
		$table_add_query = "UPDATE " . $tables_table . " SET row_" . strtolower(substr($query_array[$i],-1)) . "_assignment=" . $id .
					" WHERE row_number='" . substr($query_array[$i],0,-1) . "'";
		if (!(mysql_query($table_add_query, $link)))
			die('Could not execute query "' . $table_add_query . '": ' . mysql_error());
	}
}

RecordLogEntry($values);

mysql_close($link);

}
?>
Success!<BR>
<INPUT type=button value="Return To Form" onClick="history.back()">
</BODY></HTML>